package com.peng.security.distributed.order.controller;

import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.Mapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

/**
 * @program: distributed-security
 * @description: 资源访问器
 * @author: Mr.Wang
 * @create: 2020-01-13 13:56
 **/
@RestController
@RequestMapping("/r")
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class ResourceController {

    @GetMapping("/r1")
    @PreAuthorize("hasAnyAuthority('p1')")
    public String test1(){
        return "访问资源 res1";
    }

}
